This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/21336] __libc_res_nsearch() leak?


https://sourceware.org/bugzilla/show_bug.cgi?id=21336

--- Comment #10 from Rob Krakora <rob.krakora at bluepillar dot com> ---
The leak is occurring in the eglibc 2.19 code below...however, in the glibc
2.25 code further below there is some code added to indicate to the layers
above that a malloc has occurred which would negate my proposed patch.
eglibc 2.19 and glibc 2.19 are closer and glibc 2.19 does not have the code to
indicate to the layers above that a malloc has occurred so it could possibly
have a leak???

eglibc 2.19:

                if (*thisanssizp < MAXPACKET
                    /* If the current buffer is not the the static
                       user-supplied buffer then we can reallocate
                       it.  */
                    && (thisansp != NULL && thisansp != ansp)
#ifdef FIONREAD
                    /* Is the size too small?  */
                    && (ioctl (pfd[0].fd, FIONREAD, thisresplenp) < 0
                        || *thisanssizp < *thisresplenp)
#endif
                    ) {
                        /* Always allocate MAXPACKET, callers expect
                           this specific size.  */
                        u_char *newp = malloc (MAXPACKET);
                        if (newp != NULL) {
                                *thisanssizp = MAXPACKET;
                                *thisansp = newp;
                        }
                }

glibc 2.25:

                if (*thisanssizp < MAXPACKET
                    /* If the current buffer is not the the static
                       user-supplied buffer then we can reallocate
                       it.  */
                    && (thisansp != NULL && thisansp != ansp)
#ifdef FIONREAD
                    /* Is the size too small?  */
                    && (ioctl (pfd[0].fd, FIONREAD, thisresplenp) < 0
                        || *thisanssizp < *thisresplenp)
#endif
                    ) {
                        /* Always allocate MAXPACKET, callers expect
                           this specific size.  */
                        u_char *newp = malloc (MAXPACKET);
                        if (newp != NULL) {
                                *thisanssizp = MAXPACKET;
                                *thisansp = newp;
                                if (thisansp == ansp2)
                                  *ansp2_malloced = 1;
                        }
                }

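The ownership problem discussed in the comment above, as an added example that is not part of the original message and is not glibc code: a simplified model in which a callee may swap the caller's buffer for a MAXPACKET heap buffer, run without and with a "malloced" flag like the one in the 2.25 excerpt. The names recv_reply, query, xmalloc, xfree and live_allocs, and the MAXPACKET value, are assumptions made for this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAXPACKET 65536   /* assumed value for this model */
static int live_allocs;   /* constructed stand-in for a leak checker */

static void *xmalloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Hypothetical callee: if the reply does not fit, swap in a MAXPACKET heap
   buffer. With track != 0 it reports the allocation, as the 2.25 excerpt does. */
static int recv_reply(unsigned char **bufp, int *sizep, int resplen,
                      int track, int *malloced)
{
    if (*sizep < MAXPACKET && *sizep < resplen) {
        unsigned char *newp = xmalloc(MAXPACKET);
        if (newp != NULL) {
            *sizep = MAXPACKET;
            *bufp = newp;
            if (track)
                *malloced = 1;
        }
    }
    memset(*bufp, 0xAB, (size_t)(resplen < *sizep ? resplen : *sizep));
    return resplen;
}

/* Hypothetical caller: frees the replacement buffer only when told about it.
   Returns the number of buffers still allocated when it is done. */
static int query(int resplen, int track)
{
    unsigned char small[512], *buf = small;
    int size = (int)sizeof small, malloced = 0;

    live_allocs = 0;
    recv_reply(&buf, &size, resplen, track, &malloced);
    if (malloced)
        xfree(buf);
    return live_allocs;
}

int main(void)
{
    printf("large reply, no flag: %d buffer(s) leaked\n", query(4096, 0));
    printf("large reply, flag:    %d buffer(s) leaked\n", query(4096, 1));
    return 0;
}
```

A reply that fits the caller's buffer never triggers the allocation, so the leak only shows up for oversized responses.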
